Posts Tagged ‘cloud computing’

Thursday, July 26, 2012 - The dramatic reduction in the cost of computing and storage made possible by cloud computing services, the spread of easy-to-use, open-source analytic tools, and the growing availability of massive data services from governments and the private sector (e.g. Google Maps) have enabled thousands of start-ups, hackers and others to create exciting new tools for business, entertainment, government and other sectors. Government policies can help or hinder development of new databases and Big Data apps. Issues covered in this session included: 1) open government data policy; 2) Intellectual Property Rights protection; 3) IT research; 4) technology test beds; 5) education; 6) law enforcement access; and 7) privacy regulations.

Details of the session:

The moderator for the session was Mike Nelson, a professor at Georgetown University and research associate at CSC Leading Edge Forum. Panelists included:

Mike Nelson, an Internet policy expert from Georgetown University, shared some reassuring remarks as he introduced a panel session that concentrated upon the complexities of managing what has become known as “Big Data.”

“These issues are not new,” he said. “We’ve been dealing with them for 20 or 30 years, but they are a lot more important now.”

Nelson explained in a workshop at IGF-USA Thursday at Georgetown Law Center that it’s not just about data that are big. It’s about data that are changing so quickly and need innovative tools of management.

He introduced the following questions:

Polonetsky and Brueggeman exchange stories a workshop about the Clould at IGF-USA in Washington, D.C. on July 26, 2012.

How will privacy concerns impact the development of large databases (or will they have any significant impact)?

What are the liability issues of Big Data in the cloud?

How do we deal with the shortage of data experts?

How do we handle issues concerning control and access to data?

Jeff Brueggeman, a global public policy executive with AT&T and a longtime participant in Internet governance discussion in many fora, began the conversation by addressing a few of these issues.

First, he noted the importance of working with businesses as well as policymakers to come up with tools to manage the data. He also addressed the significance of maintaining security in cloud data.

“The more data that’s being collected and retained, the more that data could be used as a target,” Brueggeman said.

Brueggeman introduced some issues for the other panelists to contest, inquiring about best practices for dealing with data sets, types of controls over what users should expect, what uses of data are legitimate without that control and international components.

Jules Polonetsky of the Future of Privacy Forum followed with a look at the long-term perspective, offering some insight about the impacts of cloud technology.

“I’ve always had a hard time getting my head around clouds,” Polonetsky said. “But the best we can do is make sure we’re a bit of a gatekeeper.”

He argued that a formalized procedure should be established for the release of private information to law enforcement officials and others seeking information. But he also elaborated on the risks of such technology, which he illustrated by telling a story about his friend, a rabbi, who watched a racy video, unaware that Facebook would automatically share the link on his Facebook page, proving how easy it is to inadvertently share online activity with the greater digital community.

Polonetsky champions the benefits of data use, but he also urges people to consider the implications of such sharing and storing of data. He said he believes there should be a debate in which people weigh the risks and benefits.

Katherine Race Brin speaks about the Clould at IGF-USA in Washington, D.C. on July 26, 2012.

Katherine Race Brin continued the conversation, citing some of her experiences dealing with these issues in her job with the Federal Trade Commission.

She said the FTC has studied the implications of cloud computing for a number of years and has also considered how, or if, a cloud is different than any other uses of data transfer in regard to privacy.

She said her work at the FTC has led her to believe that the companies that are storing data in the cloud are often in the best position to assess the risks of that data sharing.

“We’ve always said, in relation to personal data, the businesses remain accountable for the personal data of their customers,” Brin said.

She said that while the FTC holds businesses responsible, it also provides a framework to ensure consumer privacy.

Privacy by design – Companies should build in privacy protection at every stage from the product development to the product implementation phases. This includes reasonable security for consumer data, limited collection and retention of such data and resonable procedures to promote data accuracy.

Simplified consumer choice – Companies should give consumers the option to decide what information is shared about them and with whom. This should include a “do-not-track” mechanism that would provide a simple, easy way for consumers to control the tracking of their online activities.

Transparency – Companies should disclose details about their collection and use of consumers’ information and provide consumers with access to the data collected about them.

“Governance is not easy,” Coney said. “But we do learn mechanisms for creating accountability, transparency and oversight.”

She noted that the difficulty lies in creating guidelines that have currency and legitimacy. In regard to cloud computing, Coney suggests that people are not only consumers; they themselves – or at least the sets of the private information they share – are actually products.

She said she strongly believes in the importance of the public’s engagement in the conversation. With all these privacy concerns, Coney said the consumer cannot afford to leave it up to businesses or government.

Lille Coney speaks about the Clould at IGF-USA in Washington, D.C. on July 26, 2012.

Microsoft executive Paul Mitchell, added some perspective to the conversation in terms of how to go about tackling the issue of how to manage Big Data. “I think the big challenge here is figuring out whats’ first when we’re talking about big data,” Mitchell said, noting the overwhelming amount of data being created and databased. “What we have here is not a new problem. What we have here is a problem of scale.”

Mitchell said we can look at the separate desires of people, businesses and society, and consider a philosophy based on each group’s needs. He explained that the people-first philosophy would ensure that data that could be harmful isn’t allowed to be. The business-first philosophy would be about maximizing the potential economic return for the use of data. The society-first philosophy would optimize the value for society as a whole based on what can be done with the data.

“From an operating perspective, the challenges we face involve how to govern against these three axises,” said Mitchell. “The policymakers’ choice is how to balance the three appropriately.”

Nelson then asked a question directed at the panelists about the future of the cloud and whether there would be one cloud in an interconnected world or a world of separate clouds run by different companies.

Session moderator Nelson then asked the panelists about the future of the cloud -whether there will be one cloud in an interconnectedworld or a world of separate clouds run by different companies.

Mitchell argued that there are circumstances that will require a private set of services.

Coney expressed concern over that model. “Consumer’s control over their data in a cloud-driven environment will require the ability to move their data from Cloud A to Cloud B. Making that a reality in this environment is going to be the challenge,” she said.

Polonetsky had a slightly different viewpoint. He considered the business-platforms perspective, questioning how easy it should be to move consumers’ data.

“Yes, it is your data, but did the platform add some value to it by organizing it in a certain way?” he asked, adding that the platforms may make a legitimate contribution by organizing consumers’ data. For example, your Facebook friends belong to you, but Facebook created a platform in which you interact with and share information, photographs and other things with them.

To conclude, Nelson took a few questions from the audience and asked each panelist for a recommendation regarding the future management of Big Data. Brueggeman suggested there should be a set of commonly accepted practices for managing Big Data. Polonetsky added there should be more navigable digital data. Brin supported the strong need for transparency. Coney proposed that cloud providers and Big Data companies must show their respect for a diverse group of stakeholders. Mitchell recommended that we should all work toward greater harmony between business, personal and societal values.

Where the cloud’s data is located, who has access to it and what happens if it’s breached took center stage during the cloud computing workshop at the IGF-USA conference July 18 in Washington, D.C.

The moderator for the session was Mike Nelson, a professor at Georgetown University and research associate at CSC Leading Edge Forum.

Panelists included a range of industry, governmental and civil organization representatives:

Jeff Brueggeman, vice president of public policy for AT&T

Danny McPherson, chief security officer for Verisign

Amie Stepanovich, Electronic Privacy Information Center

Marc Crandall, product counsel for Google

John Morris, general counsel and director of Internet standards, Center for Democracy & Technology (CDT)

Fred Whiteside, director of cybersecurity operations for the U.S. Department of Commerce, and National Institute of Standards and Technology Target Business Use Case Manager

Jonathan Zuck, president of the Association for Competitive Technology (ACT)

Georgetown University professor Mike Nelson said governments are happy to use the cloud for cross-border control because it would enable government applications to work better, and it would save money. But the data have to stay within a host country.

“Tension between government controls on cross-border data flows are often caused by the desire for more privacy for citizens in their country versus the global cloud,” he said. “How do we get to a global cloud that is actually globalized, where data is allowed to move wherever it wants to and yet have the private assurances we’ve had in the past?”

There are many who believe location equals control, said Marc Crandall of Google. But that is not always the case when entering various servers and using a resource like the cloud.

“So location may not necessarily equal control,” Crandall said. “The thing about the cloud is I tend to feel that location does not necessarily equal secure. Where something is located doesn’t make it any more or less secure.”

Having governments worry about security standardization and privacy would be a better focus, he said.

Jonathan Zuck, president of the Association for Competitive Technology, said people need to begin to focus on international citizenry in regards to the cloud. It’s not about where the cloud is located or whose cloud the consumers are using, but looking at a larger more competitive group of providers.

JULY 18, 2011 - Fred Whiteside shares with a group of individuals during the "Can the Clouds Prevail?" workshop during the Internet Governance Forum USA 2011.

And where data are located comes can raise concerns about who has access to that information. If the data are located in a country with little judicial review or fewer privacy regulations, will users’ information be at risk?

“There should be an emerging global standard,” said Jeff Brueggeman, vice president of public policy for AT&T. “As to privacy, the more we improve international cooperation on cybersecurity and law enforcement so that there is more comfort over legitimate concerns that if the data is not stored can they go after a bad guy. But again we have to deal with real issues as well as setting up the right policies to help distinguish between legitimate concern and government overreaching.”

If there is a breach and private information has been hacked, as has been seen in recent attacks against Google and Sony, what should the companies do to be transparent but also uphold their legal obligations?

If an organization is hacked and information is stolen, but that’s not made known publicly, it could be a violation of fair disclosure, said Danny McPherson, chief security officer of Verisign.

“Lots of folks don’t share that type of information,” he said. “Every state or region or nation or union has different native laws and that is extremely problematic in that perspective.”

There are many times that information may not be classified but is of a private nature, such as trade agreements that would need to stay confidential, said Fred Whiteside, director of cybersecurity operations for the U.S. Department of Commerce. It is complex, he said, and as someone who hears many classified discussions on security breaches, he added that it would trouble him for sensitive information to be made public.

Amie Stepanovich, of Electronic Privacy Information Center, said businesses and industries should start worrying about encrypting the information before it is hacked and instead of worrying about the cost-benefit analysis.

“I think the benefit of data encryption is really worth it,” she said. “Its been proven again and again. Companies feel somehow they have to touch that burner to see if it’s hot before they move to that.”

Regardless, while the focus has been on the concerns and security issues surrounding the cloud, there are many benefits that should receive their due credit.

“I think the fact we are all here is a testament to the cloud,” she said. “Or else we wouldn’t be so concerned with what the problems are if we didn’t recognize there are so many benefits of the cloud.”

The opening plenary session of the third IGF-USA featured general remarks from Pablo Molina CIO of the host institution, Georgetown University Law School, Chengetai Masango, a representative of the United Nations Secretariat for the Internet Governance Forum, and Ambassador Philip Verveer of the U.S. State Department.

Details of the session:

JULY 18, 2011 - Ambassador Phil Verveer, US Coordinator for the International Communications and Information Policy, address the audience, highlighting the importance of internet governance and IGF's multistakeholder approach.

U.S. Ambassador Phil Verveer emphasized the importance of keeping the Internet free of what he called “intergovernmental controls” across continents so that ideas and information can continue to flow openly and freely at IGF-USA. Certainly, he said, it’s the U.S. view that the Internet not be used as a means of oppression or repression.

“It’s equally clear that we—all humanity—are better off if the Internet remains as it is, free of intergovernmental controls,” Verveer said. “In the view of the United States this is critically important. (An open and free Internet should be) open to new ideas and uses and to the kinds of organic change it has served so well and also free of censorship and other tools of political oppression.”

Verveer said intergovernmental controls involve Internet lag times and attempts at coming to a consensus about important issues, which ultimately results in locating the “lowest common denominator.” And all that is inconsistent with today’s version of the Internet, he said.

An excess of rules and regulations, too, are problematic because of the fretful future they could bring.

“There’s a great danger that we’re going to end up in a situation where some administrations can claim the assistance of all other administrations with respect to things like censorship and greater political control that we in the United States feel very, very strongly should be avoided.”

One way to avoid unnecessary rules is through communication, and that’s where the Internet Governance Forum, a multistakeholder organization, enters the picture, said Pablo Molina, campus CIO and AVP of Georgetown University.

“Communication is a fundamental human right,” Molina said. “The ability to communicate with others and exchange information is critical for human development.”

Individuals who send and receive money across borders and immigrants who use the Internet to bridge the gap between their foreign and origin countries must rely on communication, he said.

And with communication comes the right to education, according to Molina. More and more students and professors are working at colleges and universities form other parts of the world and opening up countries to engage in international initiatives, Molina said.

These important initiatives is why the private sector, all countries, governments, private organizations and academia are all on equal footing while at IGF, said Chengetai Masango, United Nations Secretariat of the IGF, who discussed the history of IGF during his opening remarks and will speak later in the afternoon about the national Internet Governance Forum this September in Kenya.

This allows for open and honest discussion without the fear of something being held against a speaker because no policy decisions are made at IGF, he said. Instead it is a chance for people to learn, share and bring back new ideas to help shape their various groups.

Some have criticized IGF’s approach as a soft form of government, yet Masango stressed the forum is meant to spur discussion and open dialogue to increase cooperation in the technological field.

“The Internet is the largest and most successful cooperative venture in history,” Verveer said.

And it has produced many multistakeholder organizations, including ICANN and IGF, with many more cropping up every year.

Marilyn Cade, chief catalyst for IGF-USA, welcomed more than 100 members of civil society, academia, government and the private sector to the third IGF-USA and laid out the busy day ahead.

“We focus on IGF-USA by taking a national perspective with a global view,” Cade said. “And you will see that in the workshops and sessions today.”

The workshops and sessions will focus on youth Internet stereotypes, regionalization of the Internet, cloud computing and the changing landscape in the domain name system.

Daniel Castro, a Senior Analyst for ITIF, talks about the promises and challenges of cloud computing.

Brief description:

Cloud computing holds great promise for customers and entrepreneurs in the United States and around the world. It offers users – including governments and enterprises – the opportunity to pay only for the computing they use rather than maintaining all their computing needs and resources themselves. For innovators, the cloud offers a greatly reduced cost of entry into a market heretofore dominated by big players. However, there are policy challenges to be addressed. Fully realizing this potential requires unprecedented cooperation between industry, consumers and governments to ensure individual privacy and data security and ensure confidence in the remote storage of critical information. Not all are optimistic about the future of cloud computing because of the centralization of personal information, concentrated threats to security and the questions it raises about national sovereignty. This panel, moderated by Jonathan Zuck, president of the Association for Competitive Technology, explored opportunities and challenges of “the cloud.”

Details of the session:

There is a need for discussion about the opportunities and challenges of cloud computing in the public policy arena because of the popularity of platforms like Flickr, Facebook, fantasy sports leagues, Google and Amazon, according to panelists in a cloud computing workshop at the IGF-USA conference July 21 in Washington, D.C.

Jack Suess, vice president of information technology, University of Maryland

Evan Burfield, chief executive officer, Synteractive

Marc Berejka, policy advisor, office of the secretary, U.S. Department of Commerce

Cloud computing offers users — including governments and enterprises — the opportunity to pay only for the computing they use rather than maintaining all their computing needs and resources themselves. This allows innovators to have increased access to the market at a reduced price, increasing competition in the market.

“There is a definite trend to using cloud computing,” Castro said. “There are much lower start-up costs because they don’t have to pay for the infrastructure. It gives you the ability to scale up or scale down. “

A common question is if data posted on cloud computing platforms is secure. The risks to data security and integrity rise with transnational cloud computing. Cloud users often do not know which law enforcement rules apply to their data.

“They don’t even know for sure where the data is; they don’t know exactly what country the data is in,” Morris said. “The challenges of being a cloud computing service provider and how to respond to law enforcement requests are very significant.”

If a cloud customer lives in the United States, but her data is stored on a server in another country, does that make her data more or less secure? Will the laws of the other country alter her rights regarding the actions she takes online?

“I think we will move to seeing risks to free speech on the Internet due to cloud computing,” Morris said. “I think that cloud computing could lead to repression.”

The panel also discussed issued tied to cloud computing and intellectual property.

“As we do move into the cloud there is a question about if we want to protect copyright protection,” Castro said. “Can service providers do a better job? We have a lot of intellectual property in the United States that we care about.”

Panelists noted that cloud computing presents completely new challenges in regard to cybersecurity, copyright protection and free flow of information on the Internet. “In the 1990s, during the version 1.0 era, the government philosophy on the Internet was ‘hands off,’” Berejka said. “We are now truly globally interconnected; it’s not a theory any more. Our philosophy is still to do no harm, but that might not necessarily translate into doing nothing.”

Higher education is one industry that has found a way to take advantage of cloud computing platforms. The outsourcing of student e-mail is becoming common, broadband and advanced networking are available to many more participants and vendor and government support for federations like InCommon is increasing.

“A lot of universities are coming together and thinking about community cloud services,” Suess said. “Higher education likes to collaborate with one another but one of the things that is holding the cloud back is stability. And trust is another question.”

Small businesses are also able to take advantage of cloud computing platforms. Burfield’s company, Synteractive, has 45 employees. He said they have no servers, conduct all their e-mail business in the cloud, use Skype for meetings and use Facebook for marketing. His company created recovery.gov for President Obama’s administration. They built the platform on an Amazon-provided server in about a week, creating the entire platform in the cloud.

“For a small business like ours it’s a great competitive advantage that never existed before,” Burfield said.

Cloud computing is allowing small businesses to be competitive, but there are still limits to what cloud computing services can do.

“For the cloud computing revolution to really work for consumers we need for the industry to move to a world of robust data portability,” Morris said. “The real promise of cloud computing for consumers is innovation and competition. I hope that there is data portability so when a new service comes online I can take my data and try the new service.”

Panelists shared their philosophical differences about online confidentiality and self-regulation in a discussion about privacy and security implications for Web 2.0 at the Internet Governance Forum-USA conference Oct. 2, 2009, in Washington, D.C.

All panelists agreed that online privacy remains an important issue, and that corporations have an ethical and legal responsibility to ensure that their consumers continue to enjoy some level of anonymity and confidentiality online. But they disagreed about whether self-regulation or government-enforced standards are the best method to achieve that end.

Ginger McCall, EPIC staff counsel, said companies’ privacy policies are often overwrought with technical and legal jargon, making them difficult for users to comprehend. They become too robust that users often click through them without much acknowledgement.

McCall said an overriding concern is that the policies often allow companies to change their guidelines at any time often with no notice to the users.

A bigger problem, still, is that companies are able to collect information about users without ever providing them with the information they have gathered.

“One creative suggestion that I might make is that businesses just give consumers everything they know about them,” said Michelle Demooy, a senior associate of consumer-action.org. “If you’re not a bad actor, it can’t hurt you to give consumers everything you know about them. It can only strengthen your brand going forward.”

Both McCall and Demooy specifically expressed growing anxiety about cloud computing, which allows Web hosting services to house the documents and data of users on their corporate servers. (Think of Google Docs and Gmail, for example.) So what used to be on a person’s personal computer is now on a larger server.

“It’s great for information sharing and collaboration, but not for privacy,” McCall said. “But it allows companies or outsiders to create detailed profiles of users. We need to see a stronger security system and we need to see companies are following through. There needs to be a strong regulation of cloud computing. There should be binding legal standards, terms of services have to be revised and privacy policies must be more transparent.”

Kathryn D. Ratte, from the division of Privacy and Internet Protection of the Federal Trade Commission, said the FTC supports self-regulation not government directives. She says allowing technologies to emerge promotes innovation.

“Our policy has been to enforce self-regulation,” Ratte said. “We analyze what’s going on in the market and put forth standards to adhere to. The flexibility allows us in some ways to act more quickly. We can just address these issues as they raise issues for consumers.”

Jeff Brueggeman, vice president of public policy for AT&T, said the FTC has laid down an ample baseline for legal protection on the Internet that certainly needs continual monitoring but not government intervention.

The FTC is taking a proactive but engaged approach. We don’t give consumers enough credit for the value they place on their privacy. More and more privacy is going to be a marketing advantage that companies are going to assert on the Internet. What we want to have is competition to maintain and secure your privacy, as well. - Jeff Brueggeman

McCall, though, said self-regulation is not a strong enough policy and that legislation with teeth is definitely possible.

“Self-regulation in the Internet context fails because there’s not really enough transparency about what’s going on and what harm is happening,” she said. “A lack of transparency allows companies to act in whatever manner it wants in the short term to make money. It also suffers from the problem in that it only allows for possible remedies after the fact. Having a real comprehensive regulatory system would allow companies to know what’s permissible and not permissible.”

Ratte said consumers do need assurances that their data will be securely protected, but the FTC has not taken a stance on comprehensive privacy policy legislation. Still, they do advocate that companies treat consumers fairly and honestly.

The FTC has come out strongly saying that the rules that apply at time of the collection of data have to continue to apply and if there’s a change. The company should go back to the customer and get opt-in consent. - Kathryn D. Ratte

But McCall and Demooy both said vigorous legislation is possible, and if companies are acting in good faith and treating consumers with respect and responsibility, then they shouldn’t be worried about governmental regulations.

“Privacy policies have their place, but they aren’t really helping consumers,” Demooy said. “If they’re not working, let’s not bang our hammer against that stone. Let’s try to build something that does.”

Randy Gyllenhaal, the panel respondent representing young people, is a member of the documentary journalism crew reporting at IGF-USA for Imagining the Internet. He supplied the transcript of his contribution:

I’m no expert on the ins-and-outs of Internet politics, but I do fully understand my generation’s infatuation with being connected.

From the youngest age, we have understood what it means to be plugged in. We have grown up right alongside the Internet, more than any other generation… Instant messenger was introduce in middle school, MySpace came about in high school, YouTube and Facebook just in time for college…

But something Mr. Rainie said made me think… when Generation Y comes to power, how will we look at issues like copyright and information ownership?

As the Internet evolves and matures, we must evolve and mature with it – not something you’d expect to hear from a young person. - Randy Gyllenhaal

It’s been ingrained in our heads that the Internet is free. Napster taught us that music can be free, CNN.com taught us that news can be free – we’ve never had to pick up a newspaper in our lives.

Even TV can be free… yesterday I told my roommate to watch the new episode of “House” on Hulu… he said he didn’t want to sit through 30 seconds of ads…and would watch it on Ninjavideo…a site that streams TV and movies illegally. 30 seconds, that’s how A-D-D we are… it’s too much to bear.

My generation must grow up, and start taking responsibility for such a powerful tool that is the Internet. Nothing is free. The current model is not sustainable. Maybe I understand this more because I plan on going into journalism…but I hope others my age feel this way as well. - Gyllenhaal

We want more Internet. We want cloud computing, we want mobile everything, we want it now, we want it fast, and we want it free. But in the future, it can’t be free, can it?

Young people are totally in favor of expanding the Internet and creating more outlets for information. I just wonder if we’re willing to pay for it.